# distribution-soneium.xyz — SUSPICIOUS > distribution-soneium.xyz is a cryptocurrency wallet phishing site. VirusTotal flags 3/95 vendors. Check the full report. ## Summary PhishDestroy identifies distribution-soneium.xyz as an active cryptocurrency wallet phishing domain designed to steal digital assets from unsuspecting users. The site impersonates legitimate cryptocurrency wallet services, tricking visitors into entering private keys, seed phrases, or login credentials. Once harvested, this data is used to drain wallets or compromise accounts, leading to irreversible financial losses. The domain’s deceptive tactics often include urgent messages like 'Your wallet is locked' or 'Security alert: update your credentials now,' exploiting fear to bypass rational scrutiny. Users who interact with the site risk losing access to their funds permanently. This domain was flagged by PhishDestroy after VirusTotal’s detection engines recorded 3 out of 95 security vendors marking it as malicious. Further analysis revealed the domain was registered on April 06, 2026, through PDR Ltd. d/b/a PublicDomainRegistry.com, a registrar known for accommodating both legitimate and malicious domains. The site operates behind a Let’s Encrypt SSL certificate, which may lend it an air of legitimacy, and resolves to IP address 172.67.166.237. Despite its recent creation, the domain’s infrastructure is already linked to phishing campaigns targeting cryptocurrency users. The low detection rate among vendors suggests the threat may be newly emergent or employing evasion techniques. If you visited distribution-soneium.xyz, immediately disconnect from the internet to prevent any ongoing data transmission. Do not enter any credentials, wallet addresses, or private keys on the site. Check your cryptocurrency wallets for unauthorized transactions and revoke any permissions granted to suspicious applications. Run a full antivirus scan on your device to detect potential malware. Report the domain to your wallet provider and relevant cybersecurity platforms (e.g., PhishDestroy, Google Safe Browsing) to help block its distribution. Avoid clicking on links from unsolicited emails or messages, and always verify the official URL of cryptocurrency services through trusted sources before entering sensitive information. ## Threat Details - Verdict: SUSPICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registered: 2026-04-06 16:07:55 - Registrar: PDR Ltd. d/b/a PublicDomainRegistry.com - IP: 172.67.166.237 ## Detection Status - VirusTotal: 3 vendors flagged - Google Safe Browsing: clean - Blocklists: 0 hits ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/domains/distribution-soneium.xyz - PhishDestroy: https://phishdestroy.io/domain/distribution-soneium.xyz/ - LLM endpoint: https://phishdestroy.io/domain/distribution-soneium.xyz/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/distribution-soneium.xyz/ Last updated: 2026-04-09